diff --git a/passbook/saml_idp/models.py b/passbook/saml_idp/models.py
index 0988a28f4..318d1fc55 100644
--- a/passbook/saml_idp/models.py
+++ b/passbook/saml_idp/models.py
@@ -30,6 +30,7 @@ class SAMLProvider(Provider):
 
     @property
     def processor(self):
+        """Return selected processor as instance"""
         if not self._processor:
             self._processor = path_to_class(self.processor_path)(self)
         return self._processor
diff --git a/passbook/saml_idp/urls.py b/passbook/saml_idp/urls.py
index ba8c54d33..7b4a394e1 100644
--- a/passbook/saml_idp/urls.py
+++ b/passbook/saml_idp/urls.py
@@ -4,9 +4,13 @@ from django.urls import path
 from passbook.saml_idp import views
 
 urlpatterns = [
-    path('login/', views.LoginBeginView.as_view(), name="saml_login_begin"),
-    path('login/process/', views.LoginProcessView.as_view(), name='saml_login_process'),
+    path('login/<slug:application>/',
+         views.LoginBeginView.as_view(), name="saml_login_begin"),
+    path('login/<slug:application>/idp_init/',
+         views.LoginInitView.as_view(), name="saml_login_init"),
+    path('login/<slug:application>/process/',
+         views.LoginProcessView.as_view(), name='saml_login_process'),
     path('logout/', views.LogoutView.as_view(), name="saml_logout"),
-    path('metadata/<int:application_id>/',
+    path('metadata/<slug:application>/',
          views.DescriptorDownloadView.as_view(), name='metadata_xml'),
 ]
diff --git a/passbook/saml_idp/utils.py b/passbook/saml_idp/utils.py
index 74d266edd..a3c8527f7 100644
--- a/passbook/saml_idp/utils.py
+++ b/passbook/saml_idp/utils.py
@@ -44,6 +44,7 @@ class CertificateBuilder:
         self.__certificate = None
 
     def build(self):
+        """Build self-signed certificate"""
         one_day = datetime.timedelta(1, 0, 0)
         self.__private_key = rsa.generate_private_key(
             public_exponent=65537,
diff --git a/passbook/saml_idp/xml_signing.py b/passbook/saml_idp/xml_signing.py
index 2c6a4e715..78f2d48ff 100644
--- a/passbook/saml_idp/xml_signing.py
+++ b/passbook/saml_idp/xml_signing.py
@@ -4,7 +4,7 @@ from logging import getLogger
 from cryptography.hazmat.backends import default_backend
 from cryptography.hazmat.primitives import serialization
 from defusedxml import ElementTree
-from lxml import etree
+from lxml import etree  # nosec
 from signxml import XMLSigner
 
 from passbook.lib.utils.template import render_to_string
@@ -17,8 +17,9 @@ def sign_with_signxml(private_key, data, cert, reference_uri=None):
     key = serialization.load_pem_private_key(
         str.encode('\n'.join([x.strip() for x in private_key.split('\n')])),
         password=None, backend=default_backend())
-    root = etree.fromstring(data)
-    # root = ElementTree.fromstring(data, forbid_entities=False)
+    # LXML is used here because defusedxml causes issues with serialization
+    # data is trusted so no issues
+    root = etree.fromstring(data) # nosec
     signer = XMLSigner(c14n_algorithm='http://www.w3.org/2001/10/xml-exc-c14n#')
     signed = signer.sign(root, key=key, cert=cert, reference_uri=reference_uri)
     return ElementTree.tostring(signed)